I have Algo set up a VPN on a VPS instance that I use my for a VPN most of the time. It only supports IKEv2 and Wireguard.
Currently there's some issues on Xbox that only affect the Northeast, but tunnelling with a VPN (not located in northeast US) fixes the issue.
Can I configure OPNSense to tunnel all traffic (possibly only for 1 client) through a VPN tunnel?
With Wireguard, yes
https://www.routerperformance.net/opnsense-wireguard-as-a-central-gateway-for-vpn-clients/